Submit a ticketCall us

AnnouncementsWeb Help Desk Integrations eCourse

Looking to reduce response times? Sign up for our eCourse to learn how integrating Web Help Desk with Dameware Remote Support, Network Configuration Manager, Network Performance Monitor, and Server & Application Monitor can improve communication efficiencies.

Register here.

Home > Success Center > Network Configuration Manager (NCM) > Configure Real-time Configuration Change Detection Based on Syslog Messages

Configure Real-time Configuration Change Detection Based on Syslog Messages

Table of contents
Created by Ivan Zlatkov, last modified by Bill Corgey on Sep 13, 2016

Views: 6,101 Votes: 2 Revisions: 12


This article shows a simplified procedure in configuring Real-time Configuration Change Detection based on Syslog in NCM.


NCM version 7.3 and later.


Note: All devices must be configured to send Syslog messages relevant to when a user leaves from a configuration mode, to your Orion server. 


1. Go to Start > All Programs > SolarWinds > Syslog and SNMP Traps > Syslog Viewer.

2. Verify syslogs are being received  by the Syslog Viewer relevant to a configuration modification

  -- Example a Cisco IOS device will send a SYS-5-CONFIG_I Message Type when a user exits config mode

  -- The Message should contain *configured from console*

3. Enable NCM Rule: Cisco IOS Realtime Change Notifications by going to Syslog Viewer > View > Alerts/Filter Rules.

4. Go to Web Console > Settings >  NCM Settings > Configure Real-Time Change Detection and complete the rest of the steps regarding email notifications and SMTP server.

5. Verify is RTCN is enabled.

7. Modify a configuration on one of your devices and check whether the change detection works.  When a change is detected, aside from getting email notifications, you should be able to see new entries on the Last X Config Changes resource on the NCM Config summary page

8.  If Email is set up to send if the event a change is detected, an email will only be sent if there is a change detected and is not a validation the rule was successful.



Last modified